[keycloak-dev] can't figure this out
Leonardo Loch Zanivan
leonardo.zanivan at gmail.com
Thu Mar 26 11:21:49 EDT 2015
Ops, you need to remove after keycloak success. Here is an example:
keycloakAuth.init({
onLoad: 'login-required'
}).success(function(authenticated) {
//fix facebook oauth
if (window.location.hash === '#_=_') {
window.location.hash = '';
}
});
On Thu, Mar 26, 2015 at 12:19 PM Leonardo Loch Zanivan <
leonardo.zanivan at gmail.com> wrote:
> Facebook adds "#_=_" at the end of redirect URL for "security reasons", so
> SPA apps won't work unless you remove it.
>
> In Angular apps you should remove before call keycloak:
>
> if (window.location.hash === '#_=_') {
> window.location.hash = '';
> }
>
> On Thu, Mar 26, 2015 at 12:14 PM Stian Thorgersen <stian at redhat.com>
> wrote:
>
>> AFAIK Facebook is OAuth2 + custom weird stuff that looks like but isn't
>> OpenID Connect
>>
>> ----- Original Message -----
>> > From: "Stian Thorgersen" <stian at redhat.com>
>> > To: "Bill Burke" <bburke at redhat.com>
>> > Cc: keycloak-dev at lists.jboss.org
>> > Sent: Thursday, 26 March, 2015 4:11:11 PM
>> > Subject: Re: [keycloak-dev] can't figure this out
>> >
>> > I remember seeing the '#_=_' crap a while ago, I believe that was before
>> > Pedro started brokering.
>> >
>> > ----- Original Message -----
>> > > From: "Bill Burke" <bburke at redhat.com>
>> > > To: keycloak-dev at lists.jboss.org
>> > > Sent: Thursday, 26 March, 2015 2:54:27 PM
>> > > Subject: [keycloak-dev] can't figure this out
>> > >
>> > > I'm going crazy... I'm testing facebook login with the admin console
>> as
>> > > the test app.
>> > >
>> > > 1. Facebook auth succeeds
>> > > 2. Redirect back to admin console
>> > > 3. For some reason admin console doesn't like the redirect URL and
>> does
>> > > a redirect back to keycloak login with a fragment of #_=_
>> > > 4. I'm already logged in, so redirect back
>> > > 5. Success, but the fragment is #_=_
>> > >
>> > > Login works for github though...I'm freakin stumped. The initial
>> > > redirect back to the admin console is the same exact redirect uri for
>> > > both github and facebook.
>> > >
>> > > Has anybody seen this before?
>> > >
>> > > --
>> > > Bill Burke
>> > > JBoss, a division of Red Hat
>> > > http://bill.burkecentral.com
>> > > _______________________________________________
>> > > keycloak-dev mailing list
>> > > keycloak-dev at lists.jboss.org
>> > > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> > >
>> > _______________________________________________
>> > keycloak-dev mailing list
>> > keycloak-dev at lists.jboss.org
>> > https://lists.jboss.org/mailman/listinfo/keycloak-dev
>> >
>> _______________________________________________
>> keycloak-dev mailing list
>> keycloak-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150326/dfa17687/attachment-0001.html
More information about the keycloak-dev
mailing list